#!/bin/bash

# MinIO server endpoints
MINIO_URL="https://s3.intra.lila.network"
MINIO_ADMIN_URL="https://s3-admin.intra.lila.network"

# Generate random bucket name
echo "Input name of new bucket:"
read BUCKET_NAME

POLICY_FILE=$(mktemp)

# Generate access and secret key for the new user
#ACCESS_KEY="$BUCKET_NAME-user"
#SECRET_KEY=$(openssl rand -base64 42)

# Create the bucket
#mc alias set myminio $MINIO_URL $ADMIN_ACCESS_KEY $ADMIN_SECRET_KEY --insecure
mc mb "minio/$BUCKET_NAME"

# Create policy for the bucket allowing full access to the new user
cat <<EOF > "$POLICY_FILE"
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::$BUCKET_NAME"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:PutObject",
        "s3:DeleteObject"
      ],
      "Resource": [
        "arn:aws:s3:::$BUCKET_NAME/*"
      ]
    }
  ]
}
EOF


# Add new user with the generated keys
#mc admin user add minio $ACCESS_KEY $SECRET_KEY

# Apply the policy to the new user
#mc admin policy create minio $BUCKET_NAME-policy $POLICY_FILE
#mc admin policy attach minio $BUCKET_NAME-policy user=$ACCESS_KEY



mc admin accesskey create minio/ --name "$BUCKET_NAME-ak" --description "autogenerateed by minio-create-bucket" --policy "$POLICY_FILE"

# Output the details
#echo ""
#echo "------------------------------------"
#echo "Bucket Name: $BUCKET_NAME"
#echo "Access Key:  $ACCESS_KEY"
#echo "Secret Key:  $SECRET_KEY"
#echo "------------------------------------"

# Clean up policy file
rm -f "$POLICY_FILE"